CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Nov 20, 2025Ravie LakshmananVulnerability / Cloud Computing Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) f ...
-
BleepingComputer
GlobalProtect VPN portals probed with 2.3 million scan sessions
Malicious scanning activity targeting Palo Alto Networks GlobalProtect VPN login portals has increased 40 times in 24 hours, indicating a coordinated campaign. Real-time intelligence company GreyNoise ...
-
CybersecurityNews
Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
A critical remote code execution flaw in Microsoft’s Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images. With a CVSS score of 9.8, this vulnera ...
-
BleepingComputer
New SonicWall SonicOS flaw allows hackers to crash firewalls
American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls. Tracked as CVE-2025-40601, ...
-
BleepingComputer
D-Link warns of new RCE flaws in end-of-life DIR-878 routers
D-Link is warning of three remotely exploitable command execution vulnerabilities that affect all models and hardware revisions of its DIR-878 router, which has reached end-of-service but is still ava ...
-
Huntress
Velociraptor WSUS Exploitation, Pt. I: WSUS-Up?
In November, Huntress analysts detected an incident where threat actors likely exploited a recently patched remote code execution vulnerability in Windows Server Update Services (WSUS). After gaining ...
-
CybersecurityNews
Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide
A sophisticated cyberattack targeting Oracle E-Business Suite (EBS) customers has exposed critical vulnerabilities in enterprise resource planning systems, compromising an estimated 100 organizations ...
-
The Cyber Express
Critical 7-Zip Vulnerability CVE-2025-11001 Prompts NHS Cyber Alert
A newly discovered security flaw, identified as CVE-2025-11001, is targeting users across both public and private sectors. The vulnerability, affecting all versions of 7-Zip before 25.00, allows attac ...
-
hackread.com
Comet Browser Flaw Lets Hidden API Run Commands on Users’ Devices
Security researchers from web browser security firm SquareX have issued a public warning after uncovering a vulnerability in Perplexity’s Comet AI browser. Their research, published on November 19, 20 ...
-
The Cyber Express
Europe Strengthens Cyber Defense as ENISA Becomes CVE Root
The European Union Agency for Cybersecurity (ENISA) has taken a major step forward in advancing vulnerability management across Europe by becoming a CVE Root within the global Common Vulnerabilities a ...